WordPress Relocate Upload plugin version 0.14 suffers from a remote file inclusion vulnerability.
4bbe8fbb769a5b00cc395ace0a6db17412d3437d2bc1ff4f2c7211144d670b91WordPress Mini Mail Dashboard Widget plugin version 1.36 suffers from a remote file inclusion vulnerability.
22b8b46f36afaf271f47a324d98d3dfe771d22dbfd2307d2cabfd63b7bac9ea9WordPress Zingiri Web Shop plugin version 2.2.0 suffers from a remote file inclusion vulnerability.
eb86823281e55aaf1a6c7deaa561f14cc74a0659373aae29549e9aa8cc507d5cWordPress Mailing List plugin version 1.3.2 suffers from a remote file inclusion vulnerability.
c62dd24b059c91a378049c480428ca9765b7b65f1ace1718c81835ae8bc9a488Ubuntu Security Notice 1209-2 - It was discovered that Libav incorrectly handled certain malformed ogg files. If a user were tricked into opening a crafted ogg file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Libav incorrectly handled certain malformed AMV files. If a user were tricked into opening a crafted AMV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
9621f95272d1d1ce829f24f5c28f2c8817f6ad5df4167d0c0cb9336fa27f9d7fUbuntu Security Notice 1209-1 - It was discovered that FFmpeg incorrectly handled certain malformed ogg files. If a user were tricked into opening a crafted ogg file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 10.10. It was discovered that FFmpeg incorrectly handled certain malformed AMV files. If a user were tricked into opening a crafted AMV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 10.10. Various other issues were also addressed.
9a25bee80cf1df7c81ece3ee62fc95b8e13a4030196ba5a3b6bf163c90a3cd58Red Hat Security Advisory 2011-1317-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus user.
08236021a1e725e1e06393ac59be1014c21fe6adaad53673952a5ba86038b8b1HP Security Bulletin HPSBMU02705 SSRT100622 - A potential security vulnerability has been identified with HP Business Service Automation (BSA) Essentials. The vulnerability could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.
90e3828bcb44b7c50519574058d314b50a97f57da31d08d8a0158a9b5fac8ec4VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.
fea05647dde36d6873e65a4a370929a4399740a72e46e76f9aa3a5901033bd1fMultiple WordPress plugins suffer from a remote shell upload vulnerability due to the reuse of the vulnerable timthumb.php library.
321c3ad06b0f47075ec9eb1b1882d1392ead87ce0674e1dbfd83a2020fa2909dCisco TelePresensce Series suffers from client-side code execution, denial of service, cookie theft, loss of confidentiality, and impersonation vulnerabilities.
bc7f59652d2d33927b5be11b22f77d5545fd6efa01646d0cc73f14ea610a6d87Debian Linux Security Advisory 2305-1 - Two security issue have been discovered that affect vsftpd, a lightweight, efficient FTP server written for security.
d1013c9209e9503db4e32189f1ad82768a403b81814dbf62efc924b7a59799f6WordPress TheCartPress plugin version 1.1.1 suffers from a remote file inclusion vulnerability.
51de8edbe4033bacd0f4611cbca6a1140cd31164ab53aa95b893d748467e6ff8WordPress AllWebMenus plugin version 1.1.3 suffers from a remote file inclusion vulnerability.
f5992b2e2ebf81baa29016bfe3528094294216f811d0fa8fbeaaaa77bd9ce35cWordPress WPEasyStats plugin version 1.8 suffers from a remote file inclusion vulnerability.
d3f013a760a7b4563260188e45ab4a66c858aef58be11b3225d2ee692195009eWordPress Annonces plugin version 1.2.0.0 suffers from a remote file inclusion vulnerability.
2e4ae0c37dabeb183163b80fa8ef260ca92eb9b43ff547a9b25552e65bf84af8WordPress Livesig plugin version 0.4 suffers from a remote file inclusion vulnerability.
87c4823c00d785ca175170726e8c75d327a8c835b78969ac014324cd04befe8bThis Metasploit module exploits a stack buffer overflow in Azeotech's DaqFactory product. The specific vulnerability is triggered when sending a specially crafted 'NETB' request to port 20034. Exploitation of this vulnerability may take a few seconds due to the use of egghunter. This vulnerability was one of the 14 releases discovered by researcher Luigi Auriemma.
f768d01949d1c55ca3bfc13b8651ff570985496cb1e98d04e3b557ddfbf40e5eWordPress Disclosure Policy plugin version 1.0 suffers from a remote file inclusion vulnerability.
0883309d0035ccfbd29c2ac569cbe354ce45ea78f5c74ad7108f607655fd0d98Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
fa0dfc33f323abfbc94aa993d90d37481cd2f652ee93ec2f8c333ac7a496c7b9vlock is a program to lock one or more sessions on the Linux console. This is especially useful for Linux machines which have multiple users with access to the console. One user may lock his or her session(s) while still allowing other users to use the system on other virtual consoles. If desired, the entire console may be locked and virtual console switching disabled.
85aa5aed1ae49351378a0bd527a013078f0f969372a63164b1944174ae1a5e39Toko Lite CMS version 1.5.2 suffers from a HTTP response splitting vulnerability. Input passed to the 'charSet' parameter in 'edit.php' is not properly sanitized before being returned to the user. This can be exploited to insert arbitrary HTTP headers, which are included in a response sent to the user.
0ece8e90a521dbb49857876275b2f7437dfe10ead5f178eb312f800e5e26394bToko Lite CMS version 15.2 suffers from multiple cross site scripting vulnerabilities.
1e375defb0b70ff576bb4ab30105128e41f023f56c06f5adc032a0786038ed7cAspgwy Access version 1.0.0 suffers from a cross site scripting vulnerability.
78db463e58965c529a5c4a6614d17333f3c19ce080b1a06db7603e8385da93aeWordPress Filedownload plugin version 0.1 suffers from a file disclosure vulnerability.
7caf8797e03a291467364c0a1cd9e428d63613b9a7870a60ea2e99e43d1090f5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed